Report - travellink.onelink.me/6W7x?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true&af_web_dp=https://tukix.net/qp9sKz1A43Pt/news/db09596aae94b77fe5270d175a1b477c////amVhbm5pZS5mcmVkZXJpY2tAa2lja2ljdC5jby51aw==

Report Overview

Submitted URL
travellink.onelink.me/6W7x?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true&af_web_dp=https://tukix.net/qp9sKz1A43Pt/news/db09596aae94b77fe5270d175a1b477c////amVhbm5pZS5mcmVkZXJpY2tAa2lja2ljdC5jby51aw==
IP
23.36.76.249
ASN
#20940 Akamai International B.V.
Submitted
2024-04-16 07:33:43
Access
public
Website Title
Sign in to your account
Final URL
k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk
Tags
phishing microsoft outlook suspicious
urlquery detections
Phishing - Microsoft Outlook
Suspicious - Anti-debugging code

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tukix.net	unknown	2008-09-09	2015-06-19	2024-04-16	688 B	253 B	183.181.83.141
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-15	1.7 kB	38 kB	104.17.3.184
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-15	862 B	58 kB	104.17.25.14
aadcdn.msftauth.net	1455	2018-10-25	2018-11-19	2024-04-16	968 B	129 kB	152.199.23.37
aadcdn.msftauthimages.net	4622	2018-11-12	2019-08-14	2024-04-16	1.1 kB	49 kB	13.107.246.53
travellink.onelink.me	unknown	2014-11-26	2019-12-19	2024-04-15	733 B	602 B	23.36.77.43
k3ed.icu	unknown	2024-04-12	2024-04-12	2024-04-16	2.4 kB	30 kB	194.5.212.157
outlook.office.com	77	1999-04-20	2018-12-21	2019-01-03	423 B	8.9 kB	52.98.228.210
bc1q55p7m2h86w6f9wznc8jprkj.com	unknown	2024-02-24	2024-02-24	2024-03-26	1.0 kB	16 kB	193.222.96.170
aadcdn.msauth.net	1421	2018-10-25	2018-11-19	2024-04-16	993 B	22 kB	13.107.246.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk	4.2 kB	2024-04-16	2024-04-19
Pretty URL k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 00:32:16 Last Seen2024-04-19 09:41:43 Times Seen190 Hash bcbf3815f7d4f8975dfc3d5e823eafa6 6fb38099b6f82307e8b0022aac08673936f5aab1 cddbd0745a0e364f4945147af5c68aaa5026ab44c7869381780ca483eb0fe290 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-29 20:56:04 Times Seen263279 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	unknown	6.6 kB	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash 8008499a7fdec694ac6214f602f09021 b9682be3c6093e12ff01c8726202a689edb9a387 50b4c401282a3eecae5efa475e18bdd8a62938c78c5ca5649b8d1eb2e3e7d5b9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6e8de54f8479c92841a82e984dce280c	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash 6e8de54f8479c92841a82e984dce280c ffb5ec61738b2535f7d05b6f079720cb1d91ffaf d01094654175e43e49909474040d8c261dd09e9abf42502ff69762823f9e03b9 Loading...

	#2 Eval - 6067ed95d9c4418cd3e5d80645dc0cb1	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash 6067ed95d9c4418cd3e5d80645dc0cb1 20d002bcc27bd997d31cfc6a22510392af35e51d 7da4d4ef651f84334db564c8b2cac96e2ae7a9fef95bd8329e0d6b06aa65c9cc Loading...

	#3 Eval - 2674f420d76b6d768a2d3ef529eb6426	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash 2674f420d76b6d768a2d3ef529eb6426 8493e2314858bdc2ef4ac104a84e6bb204e056a2 3610d953a6f8e8a1e1679d472a061f10a59183c192e9060758be8b839d1d8f6c Loading...

	#4 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-29
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-29 21:30:03 Times Seen350643 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#5 Eval - ac6d43b49aec2f87daf340337b6a7882	60 B	2024-04-04	2024-04-17
Pretty Observations First Seen2024-04-04 12:28:09 Last Seen2024-04-17 16:04:31 Times Seen3428 Hash ac6d43b49aec2f87daf340337b6a7882 d3874a31a6b7fe11121edc3ed80fdc8b66f6589a 1af55b64e0b39e0f5f760a8050b284a66fe404ddff945697590f8240798311b2 Loading...

	#6 Eval - 06bf23e8944f862a0f09246c898d0882	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash 06bf23e8944f862a0f09246c898d0882 c15efbe7af5eab780559036c010a68369596865a 867b94b3ffd039c6f79fbcb97e30cf003f9ab38a57620c511cc6836dcc30d526 Loading...

	#7 Eval - 57bf6b2ccc233ace3644503f7e83dd74	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash 57bf6b2ccc233ace3644503f7e83dd74 094776f01665d515c5613ae16ccc67109427b667 2ac6e26d7fb51e448a245236914fc0336274135e99b925e3e9c2f4f49a12235f Loading...

	#8 Eval - 0290efdcee72dd19d82a792c7ff080f8	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash 0290efdcee72dd19d82a792c7ff080f8 7cd3cc70874e1653277014ec80c0a6355c4a6d48 9ea4d8d6ed3859b0a5b46368beb092b5a43e47a38bef03ce1f4e7d254415fe60 Loading...

	#9 Eval - d86e9b17c55ede24576fd2e6528c03db	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash d86e9b17c55ede24576fd2e6528c03db 3096a0a764c3aa410ac3d41cf3c555eacf21bac1 285cdb33f1be1dc861705a297f426817a5482652565a17e1cca779c8292bcf7f Loading...

	#10 Eval - d1065a7706af304ec732869bcf73b343	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash d1065a7706af304ec732869bcf73b343 f9f71a62c88e05aedd84e1b0a7ea6e5e4702144a 9c1f9bfcf30c1f3d6a7ab158f599028a290559f31af1c1b515b802887bf6d42f Loading...

	#11 Eval - d66c2a3ec9471ac41eb636dd35e68740	162 B	2024-04-04	2024-04-17
Pretty Observations First Seen2024-04-04 13:51:49 Last Seen2024-04-17 16:04:30 Times Seen745 Hash d66c2a3ec9471ac41eb636dd35e68740 0a0df48399a54f5e9e1cc314afb47809429fabe0 06da1a9d19030d0ef1321621c16fd90ef543821b71b017219501fe046a536973 Loading...

	#12 Eval - 79c61272fc45c3c04860ede5dd4ca31e	1.1 kB	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 08:44:48 Last Seen2024-04-16 09:33:44 Times Seen2 Hash 79c61272fc45c3c04860ede5dd4ca31e 05f85a7979815cdbd79bcd9891f6266e80dac953 65b6df0f43a9f0dc4a9caa17f85e9be3558252b575535c7205090bd90c61f96e Loading...

		Size	First Seen	Last Seen
	#1 Write - 8a0bed010a9fd21a560b90da24f37189	795 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 12:57:45 Last Seen2024-04-19 15:49:12 Times Seen3733 Hash 8a0bed010a9fd21a560b90da24f37189 38972fe20940c05edb4139a266dffe2e8e627b1a bc30534b563e7ba1a059a806e101b42c69104b5aacb6afe2293b575e9935dfde Loading...

	#2 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07	2024-04-29
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-29 21:17:39 Times Seen44667 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

	#3 Write - 1eb8a49554eb01236212e53074098576	15 kB	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:33:44 Last Seen2024-04-16 09:33:44 Times Seen1 Hash 1eb8a49554eb01236212e53074098576 3ad4b8109bcf242ad165dbaeb77f25ac1ceb615f c566783c8fa02e0e0f6c040e34a9703d47d50a154a1513cdac32f37cda5ca885 Loading...

HTTP Transactions (20)

	URL	IP	Response	Size
	travellink.onelink.me/6W7x?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true&af_web_dp=https://tukix.net/qp9sKz1A43Pt/news/db09596aae94b77fe5270d175a1b477c////amVhbm5pZS5mcmVkZXJpY2tAa2lja2ljdC5jby51aw==	23.36.77.43		0 B
URL travellink.onelink.me/6W7x?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true&af_web_dp=https://tukix.net/qp9sKz1A43Pt/news/db09596aae94b77fe5270d175a1b477c////amVhbm5pZS5mcmVkZXJpY2tAa2lja2ljdC5jby51aw== IP 23.36.77.43:0 ASN #20940 Akamai International B.V. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /6W7x?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true&af_web_dp=https://tukix.net/qp9sKz1A43Pt/news/db09596aae94b77fe5270d175a1b477c////amVhbm5pZS5mcmVkZXJpY2tAa2lja2ljdC5jby51aw== HTTP/1.1 Host: travellink.onelink.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 301 Moved Permanently content-type: application/octet-stream content-length: 0 location: https://tukix.net/qp9sKz1A43Pt/news/db09596aae94b77fe5270d175a1b477c////amVhbm5pZS5mcmVkZXJpY2tAa2lja2ljdC5jby51aw==?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true strict-transport-security: max-age=31536000; includeSubDomains accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List cache-control: no-cache, no-store server: http-kit date: Tue, 16 Apr 2024 07:33:17 GMT X-Firefox-Spdy: h2

	tukix.net/qp9sKz1A43Pt/news/db09596aae94b77fe5270d175a1b477c////amVhbm5pZS5mcmVkZXJpY2tAa2lja2ljdC5jby51aw==?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true	183.181.83.141		0 B
URL tukix.net/qp9sKz1A43Pt/news/db09596aae94b77fe5270d175a1b477c////amVhbm5pZS5mcmVkZXJpY2tAa2lja2ljdC5jby51aw==?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true IP 183.181.83.141:0 ASN #131965 Xserver Inc. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /qp9sKz1A43Pt/news/db09596aae94b77fe5270d175a1b477c////amVhbm5pZS5mcmVkZXJpY2tAa2lja2ljdC5jby51aw==?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true HTTP/1.1 Host: tukix.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Tue, 16 Apr 2024 07:33:19 GMT content-type: text/html; charset=UTF-8 content-length: 0 refresh: 0;url=https://k3ed.icu?e=jeannie.frederick@kickict.co.uk vary: User-Agent accept-ranges: bytes X-Firefox-Spdy: h2`

	k3ed.icu/?e=jeannie.frederick@kickict.co.uk	194.5.212.157		0 B
URL k3ed.icu/?e=jeannie.frederick@kickict.co.uk IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?e=jeannie.frederick@kickict.co.uk HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found Server: nginx Date: Tue, 16 Apr 2024 07:33:19 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=60 X-Powered-By: PHP/5.4.16 Set-Cookie: PHPSESSID=rittc60o2ekjn479rsikj05hc2; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache location: main/`

	k3ed.icu/main/	194.5.212.157		3.5 kB
URL k3ed.icu/main/ IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type JavaScript source, ASCII text, with very long lines (3095) Size 3.5 kB (3548 bytes) Hash e4215c4c009d4f1d7d5690b5d92e381a 33ddf1fc316417cd5089c5932a02847925ddb137 542a0404717c91c685eb87b0c58ac2a397b88a4ac4c3f61268eaec5b2107441a HTTP Headers `GET /main/ HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: PHPSESSID=rittc60o2ekjn479rsikj05hc2 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 07:33:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	104.17.3.184		0 B
URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Tue, 16 Apr 2024 07:33:19 GMT content-length: 0 cross-origin-resource-policy: cross-origin location: /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback access-control-allow-origin: * cache-control: max-age=300, public vary: Accept-Encoding server: cloudflare cf-ray: 87527c8efef1b503-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback	104.17.3.184		14 kB
URL challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type JavaScript source, ASCII text, with very long lines (40613) Size 14 kB (13902 bytes) Hash d1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370 HTTP Headers `GET /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://k3ed.icu/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK date: Tue, 16 Apr 2024 07:33:19 GMT content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * cache-control: max-age=31536000 cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 87527c8f0ef8b503-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	k3ed.icu/main/main.php	194.5.212.157		5.7 kB
URL k3ed.icu/main/main.php IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type HTML document, ASCII text, with very long lines (4198) Size 5.7 kB (5655 bytes) Hash e11c2acf1ae86fc07f6c79e559a6075a 6b430e0023c111831bdd16e24f8039dd90c091bf 10c57b3e50bc1fc08d7e6de8562b40c1b0147b98e1ee09290edd2cfcb7375620 HTTP Headers POST /main/main.php HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 539 Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/main/ Cookie: PHPSESSID=rittc60o2ekjn479rsikj05hc2 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 07:33:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.25.14	200 OK	28 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 16 Apr 2024 07:33:25 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 2778312 expires: Sun, 06 Apr 2025 07:33:25 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3fJZ%2BlA2AdMcMuXHXg1G%2Fu0IEfb48yPb6MOd5zqcLO5XbgpiB%2FF8JswFGzGrgt73GCF0bzMrGgO8XhuVz6CQyAjOsxzyFdloJBTgIjb70JbNWaqwkPad5PKPxE9JSWq%2FaXXCU67"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87527caf781b712f-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	outlook.office.com/mail/favicon.ico	52.98.228.210	200 OK	7.9 kB
URL GET HTTP/2 outlook.office.com/mail/favicon.ico IP 52.98.228.210:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerDigiCert Inc Subjectoutlook.com Fingerprint2C:61:C5:26:BC:9A:1C:E6:BE:6B:92:00:FC:AF:29:2A:23:84:5E:5C ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel Size 7.9 kB (7886 bytes) Hash ac16fa7fc862073b02acd1187fc6def4 f2b9a6255f6293000f30eee272abdd372a14e9d3 e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45 HTTP Headers `GET /mail/favicon.ico HTTP/1.1 Host: outlook.office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-length: 7886 content-type: image/x-icon last-modified: Mon, 15 Apr 2024 16:41:28 GMT accept-ranges: bytes etag: "1da8f53c326b2ce" server: Microsoft-IIS/10.0 request-id: d40441eb-8c60-a349-1372-bed11fe3dcd3 strict-transport-security: max-age=31536000; includeSubDomains; preload alt-svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000 x-preferredroutingkeydiagnostics: 0 x-calculatedfetarget: MM0P280CU003.internal.outlook.com x-calculatedbetarget: MM0P280MB0296.SWEP280.PROD.OUTLOOK.COM x-backendhttpstatus: 200, 200 x-besku: UNKNOWN x-rum-validated: 1 x-rum-notupdatequeriedpath: 1 x-rum-notupdatequerieddbcopy: 1 x-proxy-routingcorrectness: 1 x-proxy-backendserverstatus: 200 x-bepartition: Clique/CLSWEP280MMX00 x-feproxyinfo: GVYP280CA0042.SWEP280.PROD.OUTLOOK.COM x-feefzinfo: GVX ms-cv: 60EE1GCMSaMTcr7RH+Pc0w.1.1 x-firsthopcafeefz: GVX x-powered-by: ASP.NET x-feserver: MM0P280CA0086, GVYP280CA0042 date: Tue, 16 Apr 2024 07:33:20 GMT X-Firefox-Spdy: h2

	bc1q55p7m2h86w6f9wznc8jprkj.com/api/v3/auth	193.222.96.170	200 OK	2 B
URL OPTIONS HTTP/1.1 bc1q55p7m2h86w6f9wznc8jprkj.com/api/v3/auth IP 193.222.96.170:443 ASN #203168 Constant MOULIN Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerLet's Encrypt Subjectbc1q55p7m2h86w6f9wznc8jprkj.com Fingerprint84:86:E7:90:80:03:89:31:C2:46:95:FA:0D:0B:34:CA:B1:A9:E8:25 ValiditySat, 24 Feb 2024 20:51:11 GMT - Fri, 24 May 2024 20:51:10 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers OPTIONS /api/v3/auth HTTP/1.1 Host: bc1q55p7m2h86w6f9wznc8jprkj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://k3ed.icu/ Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK date: Tue, 16 Apr 2024 07:33:26 GMT server: uvicorn vary: Origin access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-origin: https://k3ed.icu access-control-allow-headers: content-type content-length: 2 content-type: text/plain; charset=utf-8`

	bc1q55p7m2h86w6f9wznc8jprkj.com/api/v3/auth	193.222.96.170	200 OK	16 kB
URL OPTIONS HTTP/1.1 bc1q55p7m2h86w6f9wznc8jprkj.com/api/v3/auth IP 193.222.96.170:443 ASN #203168 Constant MOULIN Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerLet's Encrypt Subjectbc1q55p7m2h86w6f9wznc8jprkj.com Fingerprint84:86:E7:90:80:03:89:31:C2:46:95:FA:0D:0B:34:CA:B1:A9:E8:25 ValiditySat, 24 Feb 2024 20:51:11 GMT - Fri, 24 May 2024 20:51:10 GMT File type JSON text data Size 16 kB (15632 bytes) Hash 01159471fac8f064368747285dcb248b b414a754e5281f11738be6b50e42518f411d938a 6781889f95377cd94f96ea8c6ccb1a64fd155e62fb807dba74bbd42fc6acb30c HTTP Headers POST /api/v3/auth HTTP/1.1 Host: bc1q55p7m2h86w6f9wznc8jprkj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 183 Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK date: Tue, 16 Apr 2024 07:33:26 GMT server: uvicorn content-length: 15632 content-type: application/json access-control-allow-origin: * access-control-allow-credentials: true`

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.25.14	200 OK	28 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Tue, 16 Apr 2024 07:33:30 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 2778317 expires: Sun, 06 Apr 2025 07:33:30 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvwbCmDY55soOf2DUvczJIR3UAxKitXWVccCFsTbJdoamruR9UbTe68fWB4kcY8nhLCWHsaAfBNPraBx%2F2I9bdVn6tTU850RmCjFX7wrsKkalkJhcqixfDCN%2BuVTWsOi3iQYqGPR"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 87527ccfff0356b7-OSL alt-svc: h3=":443"; ma=86400

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1140761109:1713249170:MSKh_E8KurXUdTvMvEig52WHlUAcij974Syi3g0_-0I/87527c8f9802569c/31d8eb7e482c531	104.17.3.184		22 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1140761109:1713249170:MSKh_E8KurXUdTvMvEig52WHlUAcij974Syi3g0_-0I/87527c8f9802569c/31d8eb7e482c531 IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (3344), with no line terminators Size 22 kB (22498 bytes) Hash afafbe9aed4188cb80844ae97b02b7ae 2d040880406975aafdcfceda1b3150daccdb2067 38b859d34fa218e45128c404c7f5ff5a0c5aa369e0208fae3af4e457df8c58be HTTP Headers POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1140761109:1713249170:MSKh_E8KurXUdTvMvEig52WHlUAcij974Syi3g0_-0I/87527c8f9802569c/31d8eb7e482c531 HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/htnvc/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal Content-type: application/x-www-form-urlencoded CF-Challenge: 31d8eb7e482c531 Content-Length: 36071 Origin: https://challenges.cloudflare.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Tue, 16 Apr 2024 07:33:24 GMT content-type: text/html; charset=UTF-8 cf-chl-out: qg2uy+mrzBfnpYXyAsFEsbjYswbXkVKNsTTcW/YQ9RTk3mnzk7gVxrSKz7oyYLxs5kNe58HpeRZzq6kOrB61cf320r/XoPhLTO9OfXX88RPIy3cuHhSu3otkpqpYHj7m$QyPNdasoj7vMtzmmVaqQ+g== cf-chl-out-s: ZT776qoGQ1JTJ+6OqaEOEWidW58uyNnQvh+rKOqejYk8CxOvTOmRFmIeU9fDL6vFAGX1lvFE7piVa0/5XiWd0jkHCEWUB0XEeGN5Melee/ayilHREg/jS8eT+DuEdMLo2w4xJLc+KqsdwRBPKwf5UDAuX0OzfkrbkkV8KDEykGn5m0x4DTD/lw+f5Ag3ma2Ic4/tMf0WacljMl2ybVOs31cHDhTCaNUKl+ny57Sq3SJwtRuco4maJaNRgnh2hc7TWP2v9A6ZmjIGfxOpKNFoKUGhAtsk5u0sRguIJDxk5OPih5/LHaM6YJtKCUkHdz3Dd477v8Mv9dAXIVEGfDcRClCIxQg47yxQ8aaKbMVeNX98ZXieatWYbvkJdzEJdQtHytMaq0K9xc49OsD/0OU3epWw2tER7L5sEU8zvuGcy9Gc52e8G40jyjwuVHTVUwzS+GYAAcq+10OZvNFCON9hw4wVDbZM5pmx/nagU/GPTT1I6FiK1mKlW04ZfmFY3M7PWj3HcQWGtbpoRe+KDAbpXvgVuK25+yn8M93GzA+FD461WkL3mw4ekDXLe4Bac8iWUocSnpI0nBQlClc5WxhLZCQyl4mVP7llbOhzpFGSiwLIkhh4h/+R3S++DkCp8tWF$n9sdycOg8O7vQx9Rc5RDyA== server: cloudflare cf-ray: 87527cabfbb6569c-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg	13.107.246.53	200 OK	276 B
URL GET HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT File type SVG Scalable Vector Graphics image Size 276 B (276 bytes) Hash a9cc2824ef3517b6c4160dcf8ff7d410 8db9aebad84ca6e4225bfdd2458ff3821cc4f064 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58 HTTP Headers `GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 16 Apr 2024 07:33:30 GMT content-type: image/svg+xml content-length: 276 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Fri, 17 Jan 2020 19:28:34 GMT etag: 0x8D79B8371B97A82 x-ms-request-id: 01141f63-001e-0066-400c-8f5db0000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240416T073330Z-16c87f56bf7fqg25gt8gap6yws00000006f000000000aayt x-fd-int-roxy-purgeid: 4554691 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	aadcdn.msftauthimages.net/c1c6b6c8-rqaafqynkc30ojjyoyisfjq2xt3y4nxc6caynu5xp6w/logintenantbranding/0/bannerlogo?ts=637716453810628292	13.107.246.53	200 OK	6.0 kB
URL GET HTTP/2 aadcdn.msftauthimages.net/c1c6b6c8-rqaafqynkc30ojjyoyisfjq2xt3y4nxc6caynu5xp6w/logintenantbranding/0/bannerlogo?ts=637716453810628292 IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerMicrosoft Corporation Subjectaadcdn.msftauthimages.net FingerprintE6:88:22:EC:52:D3:88:E3:A1:7B:01:0A:70:8F:08:41:F8:AD:6D:4B ValiditySun, 18 Feb 2024 02:47:29 GMT - Wed, 12 Feb 2025 02:47:29 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 196x81, components 3 Size 6.0 kB (5983 bytes) Hash ff6c576211a888c4070cdd7627c92985 90f1206e1e9575969e6f3c2ccaf1cf7711455ef3 9ef62acb8ca1f4756db1b0856b2aeecd8a76d638d3c2b6e34dc6a4ee0be0d396 HTTP Headers GET /c1c6b6c8-rqaafqynkc30ojjyoyisfjq2xt3y4nxc6caynu5xp6w/logintenantbranding/0/bannerlogo?ts=637716453810628292 HTTP/1.1 Host: aadcdn.msftauthimages.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 16 Apr 2024 07:33:30 GMT content-type: image/* content-length: 5983 cache-control: public, max-age=86400 last-modified: Thu, 04 Nov 2021 17:56:21 GMT etag: 0x8D99FBC68EA4663 x-ms-request-id: 9a8d3cb9-501e-0058-05d0-8f83f3000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240416T073330Z-16c87f56bf7wbb25w1qaqne0d000000004d0000000009z12 x-fd-int-roxy-purgeid: 50755578 x-cache: TCP_MISS x-content-type-options: nosniff accept-ranges: bytes X-Firefox-Spdy: h2

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css	13.107.246.53	200 OK	20 kB
URL GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT File type ASCII text, with very long lines (61177) Size 20 kB (19953 bytes) Hash ce26137fc0d9b7d7a0d52ebe3a186512 b9d7fb3fe7d08f46c2d1153bb47b13809375c663 1304c5090f063c677a5b3720fe7b97ef4d9ea102e2bdd837ce399df6057fe385 HTTP Headers `GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 16 Apr 2024 07:33:30 GMT content-type: text/css content-length: 19953 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Mon, 18 Apr 2022 21:18:26 GMT etag: 0x8DA2180FA29F5AF x-ms-request-id: 7fee1130-201e-0058-3033-8fdebc000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240416T073330Z-16c87f56bf76lgb56acc4chpn000000002fg00000000dusv x-fd-int-roxy-purgeid: 4554691 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	152.199.23.37	200 OK	17 kB
URL GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Size 17 kB (17174 bytes) Hash 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 HTTP Headers `GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1919588 cache-control: public, max-age=31536000 content-md5: EuPayFgGHQiAI7K9SOL6lg== content-type: image/x-icon date: Tue, 16 Apr 2024 07:33:30 GMT etag: 0x8D8731240E548EB last-modified: Sun, 18 Oct 2020 03:02:30 GMT server: ECAcc (ska/F738) x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 582df77a-301e-0028-1b5a-7e9304000000 x-ms-version: 2009-09-19 content-length: 17174 X-Firefox-Spdy: h2

	aadcdn.msftauthimages.net/c1c6b6c8-rqaafqynkc30ojjyoyisfjq2xt3y4nxc6caynu5xp6w/logintenantbranding/0/illustration?ts=637986727425859380	13.107.246.53	200 OK	42 kB
URL GET HTTP/2 aadcdn.msftauthimages.net/c1c6b6c8-rqaafqynkc30ojjyoyisfjq2xt3y4nxc6caynu5xp6w/logintenantbranding/0/illustration?ts=637986727425859380 IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerMicrosoft Corporation Subjectaadcdn.msftauthimages.net FingerprintE6:88:22:EC:52:D3:88:E3:A1:7B:01:0A:70:8F:08:41:F8:AD:6D:4B ValiditySun, 18 Feb 2024 02:47:29 GMT - Wed, 12 Feb 2025 02:47:29 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, software=www.inkscape.org], baseline, precision 8, 1920x1080, components 3 Size 42 kB (41516 bytes) Hash 2d96cefac8cc2565dcfe458c5fd22d7c ffa29be93a97887951a59f554676225ef92c2aa5 547ff7b0825a202459adac830d86938991b727ea90f88df8a641f1e32353da9a HTTP Headers GET /c1c6b6c8-rqaafqynkc30ojjyoyisfjq2xt3y4nxc6caynu5xp6w/logintenantbranding/0/illustration?ts=637986727425859380 HTTP/1.1 Host: aadcdn.msftauthimages.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 16 Apr 2024 07:33:30 GMT content-type: image/* content-length: 41516 cache-control: public, max-age=86400 last-modified: Tue, 13 Sep 2022 13:32:22 GMT etag: 0x8DA958C63CF0C9F x-ms-request-id: 3a161bae-101e-0059-07d0-8fdc2f000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240416T073330Z-16c87f56bf7wbb25w1qaqne0d000000004d0000000009z19 x-fd-int-roxy-purgeid: 50755578 x-cache: TCP_MISS x-content-type-options: nosniff accept-ranges: bytes X-Firefox-Spdy: h2

	aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css	152.199.23.37	200 OK	111 kB
URL GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#Xqib2zfI6Uq4ORFOWoOUup59RjlTD6EAxXLzw1iDVIHKAnywLnrfNwoEQKxtQc3n9OWGPfjLY1wyo45arwpf2OTSyrlpEpNNeKu4ZOPXPlveqBoS7O7aD13cspB6OoU29o68cW62iBgIdFBltIv6JyicXUjLjdOsCUBOQHR8j7RwNsRgbnnVVG7TBqFUEtngoY5eFWnZ4evRHn8SKwNGcUANlfIZJ5g84mnKjKJnZffGCoznUm46hEUCUCCEITMMf9wyUfWTucA7A9uuvyBMdwp882MQVyCbI9JCoGwTS60sfvXL3zyh5Ype0c5WLI7tRQ5gwB9pI9RYEPJIpi0vgpJgCPcnykQqaWGHyP7hZZfDOYmdgmJwMsNoi0MQkDgvzXd8MkpMjEq8DMlU94rWxelQf7HzKY4kVhsICSuVwU3aHp4RuwN2L8S0gAz0yEktWNbyFGucBymiXr9sXXuI6nJmXinvXIYTvasbRXosvKLscUUaSpTYMClJVIfSqeMWof7fcvIHgtato5Dguxfh9A15igYJuLFT0N9djRVzk53IbHZFeeXoPYt7erRIcwBdjKqCClcWrfFCXFibUfzJe3RsvIbHfMVzxmb9Ho69EMMBr4Nlkm5yqW1VFcDUZytwUFGC3NMIzyj1D6nXtswTpxP4JsYI1rfV6WyaJkSjSckvjHtMa0GzxvDhYC0Z4fVbctlVOefHrzdKhHwsHd2fIGwGiwFmMByZ5UVT8aBAKOk2vRud4wsMdYtvv9SiKqhPkcJtmk369o9FfDSjak6njzTOJL6ucokxA30Xo44ysddHR512p7qIHjxq5EUh2fPCiPAHUEfmRs4Jy5LYcbGUvekASfSUuHxNx7vsMLOEeTnMY9Kblr5QFqrxGksb2ZZz7u2TfRxtKVgJ41Ups0g8rHF818j38iDfNG93xHxhCN0HOV7hWnpo55w7dQbl8PBWvLZ2swk5jlM8gTpdhOCmT8t7YEt7u43ZQ21izlnTGa1X3rbkfNH9VbhUQK1kP5jF8lYHGlAnvBlz2wUikBsfMJaCucXjhgZpBX7iiHGOj1nmyhEST78GQiikvgEMwDc8AkrT17Hk95GHmlAfsIVj1eEwuij1WwawQBqRJ7cScTAzfaPHTL1UZGruZKwVhGs7iSZ2ZbUc4vLkGA1Am3umJVQIGnEX465nY4pYfkbkPXEwyG6UKBgux7cduRbzXgWWklVAF7Vv4A2Cg8x1KNvhUIvpzGYxXVuigqSWxOsCoveFDMGnzbFtUaTtRR1OMv63WZ0tNt5cYkRC6y0FJG9EQ28HU9wHFDLBDM4qgaDfvuRB2ShMyrqpuy6pID6ngSYTE3kVdXaIs1kvUCht3ISyhZXZC4nTXlMBo6xC4HlwJF2Dij7m2ZUjZSjBWGuT2hvrn23sKpZt517nleJndEHdw1OtHjnKATbYWeqGEpaJrh6MvQ9JuRW1SLvA4TkENvDJK3qotA7VReHn4R6zJ3BBO6cT0wyN2bwNfXcJxkEpymNDdUdWXOyMVKFVheIkpf7FcjoKD3acpXPDR2APR9CMUhIbwrvVGDBTWZEA3OMtMB7EEHuwR6jLo1XUstQ96r33rHDuwpYj15XGNrcExwqWxnQ0QGaX7d0yVE3r41L66IMTaZyIvYE3mu4dbeaisaRnPUPTWAZ2jMWuLvdhuSkQmo3yDdR5oItdDi7zT6CdSyHE4VWyNgoaFsIjGzo4hSiUapu4w6ipFZ4JV0hIhGSX9AgPaFUsxcnICRM9X4yD4Cm0DEIUlARub7jmMdOjqb233Pc0TLDYo0Y1EHV0iMutUOQG2E0tQ2wTRJTLuxKSxJUcqPcICHcww2dyGe2whyp9hjUMRFFpozCPoOx1wKx2MLBtZD0gcqpuJkgBZW0ovCdUrLVYvt0heCLdgLtsbTXVddwcawBF9PAAAvy5Zzndc9rsUVV6OS116xeg4PWeEwOf2nl1XJfaSGDNByTqrUrysFOxvLLahApkYKlWtB6liJ8Ti2jKWLipr6WWRI69jwthgPdKqk6I4fCmhW6eHoD9vA5nicxCI0TZQ7JgrPZw4BSlyZzgodpTNvh6HOIqPCpFJ8WbYVH2xAo6zYmYbMSZh95ZYOqOqPtaYqmXm3ZUEo0emncx94wqdCqcqQ0RGu1EVnBhrBb50bjmywUIAr8O4z0vp1m5vnKqLmIcYTiY5ClE8gmIIvwM4xhuyDz41kuMGcZE6iDbUYQ3fcMXHjKMQ1gpFPtHaYtQatvhL8tG7jKnvwkdP4ZG6g5L6zsgxW6IqCZcLsSSMDfh9AvZFvGLLLxSk08SXfAnRzzC2svO5L6fmBe17UMTGkL1kTTh9tF13eD5H9UMV02hChiKc5DSpoUKiO2siHtlW7rDglqbmttZKLJWRmPhLJ24x4wPMZbI7CmnYNzlg3k0O3WGqLXbvZg34MSQM4zTGVhFIR0ZUlZJoWpPIn1dnhgr49iQdRKUN1AwSAvNVvwksW9ajboHsF9xPrn3j8X69yD288P4Emp6izhBKFidlsKaT8ddgbkqJXsS6iWLEmRXV8yFORS9jDjdLxr1ILrsJUkPdhASDsPyBoepf7yzKSNvpex80YAJTUy6c9ZPBOoccDCsKb2u3P0s4xA4waNq5mwhvv77kwkwaXYU80pbQqEUXeZupMUv8rNEXVMhs7OC4NwcNWnEm1zkgyOFkJbtbY88TUql1eX51uhPrFtNG28WAXCVGNpRMx0Fsq1tFZzGuRwVwZId2R9DOMzuAYmmwm2YN3ss329xTFtqFcDH3NlRzUm9TJwp5yoTCQmGSvdMaHcPTQxWDTOdNanHTT7ZsvT4mfKfKY2VFeLz5ivJbjWZukHodOnGkgKHvvWgtZb9eWIjfe2ryZq2j8qxXOdh4XYAtVQWV269ZOse2vFAu6DNe3kbRxtWvsxYooVjq1spQVDTqjuUp7HEb2P3AjZ5Lw49U0sl1VKRQoLgHfb7mTLxVBAwUACF7GO2GhnId8A3?cfg=jeannie.frederick@kickict.co.uk Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (61177) Size 111 kB (110586 bytes) Hash f0e5964f8bbedf73d2d3001623bb663b aadf3504d5e5a93e678487eeb4a63398f2699341 9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492 HTTP Headers `GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1879548 cache-control: public, max-age=31536000 content-md5: 9K2/nGCj75WAmmAI9nZNCA== content-type: text/css date: Tue, 16 Apr 2024 07:33:30 GMT etag: 0x8DA7650B375AC9B last-modified: Thu, 04 Aug 2022 19:37:00 GMT server: ECAcc (ska/F7A0) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 8887ee14-601e-0019-5fb8-7e9917000000 x-ms-version: 2009-09-19 content-length: 19970 X-Firefox-Spdy: h2

	k3ed.icu/main/main.php	194.5.212.157	200 OK	19 kB
URL User Request POST HTTP/1.1 k3ed.icu/main/main.php IP 194.5.212.157:443 ASN #9009 M247 Europe SRL Certificate IssuerLet's Encrypt Subjectk3ed.icu Fingerprint38:8C:F9:F9:50:CB:2F:02:9C:6D:EE:ED:BE:32:CE:22:DB:AC:19:E4 ValidityFri, 12 Apr 2024 19:50:22 GMT - Thu, 11 Jul 2024 19:50:21 GMT File type HTML document, ASCII text, with very long lines (4198) Size 19 kB (19233 bytes) Hash e11c2acf1ae86fc07f6c79e559a6075a 6b430e0023c111831bdd16e24f8039dd90c091bf 10c57b3e50bc1fc08d7e6de8562b40c1b0147b98e1ee09290edd2cfcb7375620 HTTP Headers POST /main/main.php HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 539 Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/main/ Cookie: PHPSESSID=rittc60o2ekjn479rsikj05hc2 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 07:33:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (20)

URL

IP

ASN

File type

Size